Hacked government computer files held for ransom

Wednesday

Dec 6, 2017 at 10:53 AMDec 6, 2017 at 10:54 AM

By Steve Harrison The Charlotte Observer

CHARLOTTE — Mecklenburg County government has been paralyzed by an unknown computer hacker after a county employee unknowingly opened an email attachment Monday that unleashed spyware and a worm into the county’s computer system.

County manager Dena Diorio said Tuesday night that the hacker has essentially frozen the county’s electronic files. The hacker is seeking $23,000 for an encryption key that would release the files.

The hacker’s deadline: 1 p.m. Wednesday.

“The files on the servers are being held for ransom,” she said before a commissioners meeting Wednesday.

Diorio said the county is working with a third-party technology company to decide what to do. She said she is open to paying the ransom, which would be paid in bitcoin.

But Diorio said that paying the ransom would present a number of other potential problems, not including rewarding the hackers.

“If you pay the bitcoin, there is always a risk they won’t give you the encryption key,” she said. “And they could go back for more (money).”

Diorio said the decision on whether to pay will be made by her — and not necessarily by commissioners.

“We need to determine how much it would cost (to pay) versus fixing it on our own,” she said. “There are a lot of places that pay because it’s cheaper.”

Diorio said the hackers don’t have access to people’s health records, Social Security numbers or credit card information.

“Social Security numbers are protected and health information is protected,” she said.

She said an example of the problem is the county’s code enforcement office, where much of the work is done electronically. Employees no longer have access to their records. But she said they are switching to paper records for work on Wednesday.

Diorio said the Charlotte-Mecklenburg Police Department is not yet involved in the case. She doesn’t think the county was targeted specifically, she said, but rather was part of a wide net cast by hackers.

“I don’t think we were targeted,” she said. “I don’t think we were at fault. There have been many, many institutions that have been breached. I think we do everything we can to keep our firewall secure.”

The city of Charlotte said Wednesday that its computer systems have not been hacked. The city’s chief information officer, Jeff Stovall, said the city has severed its connection to county computer systems.

Earlier in the day Tuesday, the county said its computer system had been shut down due to an “external threat.”

The county said it has never been hacked before Monday.

In recent years, numerous corporations have been hacked, including Target and Equifax.

When governments are hacked, most of the attention has been focused on federal agencies, which experts believe to have been hacked by adversaries such as China or North Korea.

A global ransomware attack earlier this year infected tens of thousands of computers in nearly 100 countries.